[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Getting the list of members in an AD group



Am 07.04.2014 15:55, schrieb Dan White:
On 04/07/14 11:06 +0530, Sankar P wrote:
Hi,

I have the SID of an AD group. I want to get the list of members who
belong to that group. All the documentation page that I search for
points me to the reverse only (i.e., getting all the groups membership
information of a user).

Can someone show me to the relevant way to get the users who belong to
a group whose SID I have ?

ldapsearch -Y DIGEST-MD5 -U joe -H ldap://192.0.2.1 \
  -b "dc=example,dc=com" -s "sub" "objectSid=XXX" dn


as an alternative you can do the following:

ldapsearch -b '<sid=S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXXX-XXXX>' member

Cheers,

Mark Pröhl